DETAILED ACTION

1. Claims 1-6, 8-16, 19, 21, 23, 24, and 26 are pending in this action. 

2. Applicant's arguments, filed July 31, 2006, have been considered and are
persuasive. However, a new ground of rejection is made. 

Rejections 

3. The text of those sections of Title 35, U.S. Code that are not included in this 
rejection can be found in a prior Office action. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

5. Claims 1, 3-6, 8, 10-16, 19, 21, 23, 24, and 26 are rejected under 35 
U.S.C. 102(e) as being anticipated by Keronen (U.S. Patent No. 6,871,277). 

Regarding claims 1 and 13, Keronen teaches a process/computer-readable
medium for protecting a computer from hostile code, the process comprising: 

• Defining at least two trust groups, each of the defined trust groups being 
characterized by a trust group value (col. 5, lines 25-30); 

• Assigning objects and processes in the computer to one of said trust groups, 
irrespective of the rights of a user of said computer (col. 5, lines 19-25); 

• Defining at least two object types (col. 4, line 61 through col. 5, line 18); 

• Assigning an object type to each of the objects (col. 4, lines 61-64); 

• Defining an action rule for each combination of process trust group value, object 
trust group value, and object type (fig. 4-7); and 

• Upon an access request by a requesting process to a target object, performing 
the action indicated by the action rule applicable to the trust group value of the 
requesting process, the trust group value of the target object, and the object type 
(fig. 4-7 and accompanying description). 

Regarding claim 3, Keronen as modified by Replace2 teaches further comprising
changing the trust group of the process if the trust group value of the process is greater
than the trust group value of the object (col. 5, lines 25-26).

Regarding claim 4, Keronen as modified by Replace2 teaches further comprising
changing the trust group of said object after performing said action (col. 6, lines 1-5).

Regarding claim 5, Keronen as modified by Replace2 teaches further comprising,
upon creation of an object by a process, assigning said created object to the trust group 
of said process (col. 4, lines 46-60). 

Regarding claim 6, Keronen as modified by Replace2 teaches further comprising
defining at least two operation types and wherein said combination includes at least one
of said operation types (fig. 6 and fig. 7).

Regarding claim 8, Keronen as modified by Replace2 teaches further comprising
assigning said process to the trust group of said object if the trust group of said process
is higher than the trust group of said object (fig. 6).

Regarding claim 10, Keronen as modified by Replace2 teaches further
comprising: defining at least two process types; assigning processes to one of said
process types; and wherein said combination includes at least one of said process
types (fig. 4-7).

Regarding claims 11 and 16, Keronen as modified by Replace2 teaches wherein
said object types comprise passive code and executable code (col. 4, lines 61-66).

Regarding claims 12 and 15, Keronen as modified by Replace2 teaches wherein
said operation types comprise open, read, create, modify, and delete (fig. 6 and fig. 7).

Regarding claim 14, Keronen as modified by Replace2 teaches further
comprising instructions causing the computer to: define a table of types of at least two 
types of objects, the objects in the computer being assigned one type (col. 4, line 61 
through col. 5, line 18); and wherein said plurality of rules defines said actions further 
based on the type of said object (fig. 4-7). 

Regarding claims 19 and 21, Keronen teaches wherein the computer is
operatively coupled to a network, the network including a server, the table of trust 
groups/rules is stored in said server (col. 7, lines 52-54). 



Regarding claim 23, Keronen teaches a computer comprising:

• A random access memory (fig. 9, ref. num 906);

• A non-volatile memory (fig. 9, ref. num 912);

• A processor coupled to said RAM and said non-volatile memory (fig. 9, ref. num
904);

• Wherein said non-volatile memory comprises:

o A list of object types (col. 4, line 61 through col. 5, line 18);

o A list of rules, each rule defining an action based on an object type (fig. 4-7);

o A list of object trust groups, each trust group defining an object trust value
and coupled to at least one of said rules (col. 5, lines 25-30);

o A plurality of objects, each of said objects having an object type and
assigned to one of said trust groups (col. 5, lines 19-25); and

• Wherein when a process is created in said RAM from an originating object of one
of said objects, said processor assigns to said process a process trust value
equal to the object trust value of said originating object (fig. 4-7).

Regarding claim 24, Keronen as modified by Replace2 teaches further
comprising a controller receiving operation requests from said process to be performed 
on a target object of one of said objects and, upon receiving said requests said 
controller access said list of object trust groups, list of rules, and list of object type to 
determine whether to allow the operation (fig. 1, ref. num 104 and col. 6, lines 1-5). 

Regarding claim 26, Keronen as modified by Replace2 teaches wherein when
the controller allows the operation request but the process trust value is lower than the 
target object trust value, said processor resets the process trust value equal to that of 
the target object trust value (fig. 6). 



Claim Rejections - 35 USC § 103 

6. Claims 2 and 9 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Keronen (USPN '277). 

Regarding claim 2, Keronen teaches all the limitations of claim 1, above.
However, Keronen does not specifically teach wherein a process is assigned upon
creation to the trust group assigned to the passive code from which the process is
created. However, Keronen does teach that the entities are encapsulated, using such
a language as Java (col. 4, lines 46-60).

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine assigning a process to a trust group based on the trust 
group value of the process that creates it, with the process/medium of Keronen. It
would have been obvious for such modifications because like encapsulation,
inheritance, is one of the three requirements for an object oriented language, like Java.
The entities are encapsulated, as taught by Keronen, but must also have inheritance in
order to comply with the object oriented requirements of Java. 

Regarding claim 9, Keronen teaches wherein upon a restart of said process, the
trust group of said process reverts to the original trust group of the object from which the 
process was created (the entities are created in software that reverts back to its original 
values when restarted). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon S. Hoffman whose telephone number is 571- 
272-3863. The examiner can normally be reached on M-F 8:30 - 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Nasser G. Moazzami can be reached on 571-272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 